After negligent users, a lack of security culture and users sharing passwords among each other are the next biggest concerns facing an organization.

For C-suite executives, the biggest concerns are a loss of their organization’s reputation after a cybersecurity breach, followed by business disruption.

Maintaining a comprehensive, layered approach to security is a daunting task, but it’s one that must be done. Plus, the survey seems to suggest that organizations with a culture focused on security feel the ripple effects of their preparation. According to KnowBe4, there’s a 70% overlap between organizations with no proper security culture in place and those organizations having major concern with negligent users.

Without a doubt, the biggest risk for users remains email phishing attacks. However, it’s becoming increasingly important to educate your users on how to look out for search engine hijacking, infected websites, fake security notices, or fraudulent social media landing pages asking for your log-in.

Cybersecurity training at your organization should have a regular cadence to test users on what they already know and offer additional training on what’s new.